[ previous ] [ next ] [ threads ]
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPSEC + NAT
 Date:  Thu, 5 Oct 2006 18:20:12 +0100

If I understand you correctly:
-The m0n0wall would be performing NAT for clients behind the LAN interface.
-The WAN interface would be assigned a public routable IP address

In this scenario IPSEC would work fine so long as the remote site also had a 
publicly routable WAN address (as you have suggested).

IPSEC would not work if the m0n0wall WAN interface was assigned a private IP 
address (10.x, 172.16.x, 192.168.x etc) with the cable router statically 
NAT'ing to this address (e.g. 1:1 NAT on the router).



----- Original Message ----- 
From: "Brian Ertel" <bsertel at amherst dot edu>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, October 05, 2006 3:28 PM
Subject: [m0n0wall] IPSEC + NAT

Hi All,

Ok, so after reading past threads on this subject I am utterly confused.
The question is does monowall support IP SEC through NAT between a point
to point monowall vpn.  If I have a remote site running on Comcast
cable, with a router and the monowall behind it using static routable
IP's between the router and the monowall then nat for clients behind the
monowall, and a similar set up on campus will that work?




Brian Ertel
Network Administrator
Amherst College
bsertel at amherst dot edu

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch